Xpandion Blog

  • Home
    Blog Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
Dror Aviv

Dror Aviv

Dror Aviv joined Xpandion in 2010 as a programmer in the R&D team. Combining technical knowledge with implementation skills, Mr. Aviv serves today as a Senior Implementation Advisor, bringing with him extensive hands-on experience from the field. He works closely with customers at their sites, and is an expert in defining customer needs, translating them into business process and implementing them via ProfileTailor Dynamics’ suite of products.

Posted by in Licensing & SAM

SAP Licensing and Authorizations Managers: How do you know that your final report is not relying on corrupted data? Maybe you have a software tool that analyses the data for you – but is any data missing or corrupted to begin with? How do you know?

electrician-499799_640.jpg

Continue reading
Hits: 8188 0 Comments

If you’re in the GRC field and you’re asked to join a GRC project as a professional consultant, a team leader or a project manager – avoid these 5 major mistakes. If you don’t identify these situations beforehand, you might be put in an uncomfortable position that could hurt your reputation. Avoid them ahead of time to minimize your risks.

iStock_000021791686XSmall.jpeg

Continue reading
Hits: 8044 0 Comments

Posted by in Licensing & SAM

When it comes to having a successful SAP licensing audit, remember the acronym “ECC”:

ECC_Method_SAP_Licensing_by_Xpandion2.jpeg

Continue reading
Hits: 7441 0 Comments

What? It’s already the third quarter? Yes, it is. We suddenly realized it ourselves, and wanted to make sure to remind you authorization managers and CISOs what you’ll be facing during this second half of the year. We’re assuming that these three things are already on your task list for Q3/Q4 (and if not, they should be), but we thought it would be nice to summarize them anyway.

iStock_000020142404XSmall.jpeg

Continue reading
Hits: 8391 0 Comments

Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should he be allowed to only see SAP reports (“view only”) or should he issue sales documents too? The answer is not easy, and might involve solving or remediating Segregation of Duties violations during the analysis process.

 iStock_000020168207XSmall.jpeg

Continue reading
Hits: 6783 0 Comments

The focus for this week is based on some very naive statements we’ve heard during our experience in the field. The following quotes are definitely myths, and we highly suggest that you familiarize yourself with them in case you hear them too.

 iStock_000002694919XSmall.jpeg

Continue reading
Hits: 5029 0 Comments

Do you know the best way to handle ongoing new T-Code and development requests? Should the CIO approve allocating the resources for business requirements as they pop up or should he thoroughly inspect each application first?

 iStock_000006052358_XSmall.jpeg

Continue reading
Hits: 5419 0 Comments

Even though Authorization Objects are the most basic components in the SAP authorization world, they make SAP much more secure. Many organizations argue that you should use Authorization Objects like you spice food: If spices are used properly, there’s total harmony and you can’t live without them. But if they are overused, they ruin the dish and the whole authorization mechanism becomes too difficult to handle.

 iStock_000014011698_XSmall.jpeg

Continue reading
Hits: 5719 0 Comments

“Conscious uncoupling,” (see goop) the fancy new age words that Gwyneth Paltrow and Chris Martin are using instead of the word “divorce” do feel a bit weird, but there is some truth to the approach that I think can actually highly benefit certain events the SAP world. In fact, without a “conscious uncoupling” approach to employees in the SAP world, a great deal of work might go to waste.

iStock_000005261770_XSmall.jpeg

Continue reading
Hits: 5860 0 Comments

One morning the company’s security manager or auditor appears at your door and catches you off guard with a question, “Hey, how can I know if someone is looking at employee salaries or peeking at their social benefits?” Without hesitating or looking away from your computer, you answer the obvious, “Well, if the person doesn’t need this function as part of his job description, he doesn’t have permissions for it.” But this uninvited guest is not leaving. He replies, “And what if he got permission by accident, or if he moved to a different position and the relevant authorization wasn’t removed…? How can I know if this person is still using his old permissions and looking at sensitive employee data?”

iStock_000026249003XSmall.jpg

Continue reading
Hits: 7348 2 Comments


Headquarters

+972-3-624-4245

157 Yigal Alon Street,

Tel Aviv 67443, Israel

info@xpandion.com

US Office

+1-800-707-5144

33 West 19th Street, New York,

NY 10011, USA

info.us@xpandion.com

India Office

+91-989-2546216

C 103, Akruti Orchid Park, Andheri-Kurla Road,

Andheri East, Mumbai, India

info@xpandion.com